From mboxrd@z Thu Jan 1 00:00:00 1970
From: Rob Landley
Subject: Re: [Qemu-devel] [PATCH] -chroot and -su options.
Date: Wed, 5 Mar 2008 00:51:36 -0600
Message-Id: <200803050051.36813.rob@landley.net>
In-Reply-To: <20080304112212.GA9347@edgar.se.axis.com>
References: <200803031828.22657.rob@landley.net> <20080304112212.GA9347@edgar.se.axis.com>
To: "Edgar E. Iglesias"
Cc: qemu-devel@nongnu.org

On Tuesday 04 March 2008 05:22:12 you wrote:
> On Mon, Mar 03, 2008 at 06:28:22PM -0600, Rob Landley wrote:
> > Quick and dirty patch to teach qemu application emulation how to chroot
> > (and drop privs), so you don't have to pollute a target filesystem with
> > host code, and/or figure out how to build qemu static in order to run a
> > dynamic binary.
>
> Hi Rob,
>
> Right, doing the chroot from within qemu avoids the issue with polluting
> the target/. Thanks for the example.
>
> The chroot approach still suffers from the need of initially having higher
> privileges. Personally, I still prefer the sysroot option and avoid that
> need but either way helps me.
>
> Best regards

Which sysroot option? (I may have missed a patch, I'm a month behind on the
list. This is just something I've meant to submit for... about a year, I
think.)

You can also teach a bunch of different qemu syscalls (open, unlink, mmap,
exec, fcntl, and 3 dozen others...) to append a prefix to its path, and
perhaps try to prevent them from playing games with symlinks or ".." to break
out of that subdir. But that's a much, much, much more extensive/intrusive
patch.

Rob
-- 
"One of my most productive days was throwing away 1000 lines of code."
  - Ken Thompson.
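
The path-prefix alternative mentioned in the message above, sketched as an added example (not code from the thread or from QEMU): sysroot_path() is a hypothetical helper that maps a guest path under a host prefix and clamps ".." at the prefix, the way a chroot does. It assumes guest paths are resolved from the guest root, and the sample paths are constructed.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper: build "<prefix>/<guest>" in out, resolving "." and
 * ".." lexically so ".." can never climb above prefix.
 * Returns 0, or -1 with errno = ENAMETOOLONG if out is too small. */
int sysroot_path(const char *prefix, const char *guest, char *out, size_t outlen)
{
    size_t base = strlen(prefix);
    while (base > 0 && prefix[base - 1] == '/')
        base--;                               /* drop trailing slashes */
    if (base + 2 > outlen) { errno = ENAMETOOLONG; return -1; }
    memcpy(out, prefix, base);
    size_t len = base;                        /* out[0..len) built so far */

    for (const char *p = guest; *p; ) {
        while (*p == '/') p++;                /* skip separators */
        size_t n = strcspn(p, "/");           /* next component length */
        if (n == 1 && p[0] == '.') {
            /* "." names the current directory: nothing to do */
        } else if (n == 2 && p[0] == '.' && p[1] == '.') {
            /* "..": pop one component, but stop at the prefix */
            while (len > base && out[len - 1] != '/') len--;
            if (len > base) len--;            /* remove the '/' as well */
        } else if (n > 0) {
            if (len + 1 + n + 1 > outlen) { errno = ENAMETOOLONG; return -1; }
            out[len++] = '/';
            memcpy(out + len, p, n);
            len += n;
        }
        p += n;
    }
    if (len == 0) out[len++] = '/';           /* prefix was "/" itself */
    out[len] = '\0';
    return 0;
}

int main(void)
{
    char host[256];
    const char *guests[] = { "/bin/sh", "/usr/lib/../../../../etc/passwd", ".." };
    for (size_t i = 0; i < sizeof guests / sizeof guests[0]; i++)
        if (sysroot_path("/srv/target/", guests[i], host, sizeof host) == 0)
            printf("%-34s -> %s\n", guests[i], host);
    return 0;
}
```

This covers only the ".." half of the problem: a symlink inside the prefix that points at an absolute host path is still followed by the host kernel. On Linux 5.6 and later, openat2() with RESOLVE_IN_ROOT performs the confined resolution in the kernel.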